Page 1 of 1

sign invalid | POST: /v1.0/iot-03/devices/{device_id}/commands

Posted: 2024年 Dec 6日 09:10
by wevertonl

I'm trying to control a lamp I have in my room through an HTTP request using curl. Analyzing the documentation at the links:

https://developer.tuya.com/en/docs/iot/ ... 0q34cs2e5g

https://developer.tuya.com/en/docs/clou ... 0parameter

I understood that before accessing the POST endpoint: /v1.0/iot-03/devices/{device_id}/commands I should generate an access_token via the /v1.0/token?grant_type=1 endpoint, I managed to do this and get the sign and timestamp with python code, I used the following:

Code: Select all

import time
import hmac
import hashlib

# Definição da função generate_tuya_sign
def generate_tuya_sign(client_id, secret, http_method, url, query_params=None, body=None, access_token=None):
    # Timestamp atual em milissegundos
    timestamp = str(int(time.time() * 1000))

# 1. Criar o stringToSign
# Método HTTP
method = http_method.upper()

# Ordenar query_params por chave, se existirem
sorted_query = "&".join(f"{k}={v}" for k, v in sorted(query_params.items())) if query_params else ""

# Hash do corpo da requisição
if body:
    body_string = str(body)  # Certifique-se de serializar o corpo de forma consistente
    body_hash = hashlib.sha256(body_string.encode('utf-8')).hexdigest().lower()
else:
    body_hash = hashlib.sha256("".encode('utf-8')).hexdigest().lower()

# Concatenar no formato exigido
string_to_sign = f"{method}\n{body_hash}\n\n{url}?{sorted_query}"

# 2. Concatenar os parâmetros do sign
if access_token:
    string_to_sign = f"{client_id}{access_token}{timestamp}{string_to_sign}"
else:
    string_to_sign = f"{client_id}{timestamp}{string_to_sign}"

# 3. Gerar a assinatura usando HMAC-SHA256
sign = hmac.new(secret.encode('utf-8'), string_to_sign.encode('utf-8'), hashlib.sha256).hexdigest().upper()

return sign, timestamp

# Configuração para o endpoint de autenticação
client_id = "client"
secret = "secret"
http_method = "GET"  # Método HTTP da requisição
url = "/v1.0/token"  # Caminho relativo para o endpoint
query_params = {"grant_type": "1"}  # Parâmetros da query string
body = None  # Nenhum corpo necessário para este endpoint
access_token = None  # Não é necessário para autenticação inicial

# Gerar sign e timestamp
sign, timestamp = generate_tuya_sign(client_id, secret, http_method, url, query_params, body, access_token)

# Imprimir resultados
print("Sign:", sign)
print("Timestamp:", timestamp)